Amendments to the Claims

This listing of claims will replace all prior versions, and listings, of claims in the 
application. 



1. (Currently amended) A document security system for restricting access
to secured documents, the system comprising:
a processor;

a policy system configured to enable the processor to store at least one
process-driven security policy on a computer readable storage medium, wherein
the process-driven security policy includes a plurality of different states and
transition rules, and wherein each of the different states is associated with one or
more access restrictions, and wherein each of the different states has distinct
access restrictions for secured documents which reside in that state, and wherein
the transition rules specify circumstances under which a secured document is to
transition from one state to another, and wherein the circumstances include the
occurrence of internal and external events; and

an access manager configured to enable the processor to access the
process-driven security policy and determine whether access to a secured
document is permitted by a requestor based on the policy state associated
therewith at the time access is requested and the corresponding one or more
access restrictions thereof for the process-driven security policy.

2. (Currently amended) The document security system as recited in claim 1,
wherein the one or more access restrictions for the secured document are automatically
changed [[if]] in response to detecting a change in the state of the process-driven security
policy for the secured document changes.

3. (Previously Presented) The document security system as recited in claim 
1, wherein events cause the state of the process-driven security policy for the secured 
document to automatically transition from one state to another. 

4. (Currently amended) The document security system as recited in claim 3, 
wherein the internal events are internal or external events with respect to originate from
the document security system and wherein external events originate from outside the
document security system.

5. (Previously Presented) The document security system as recited in claim 
4, wherein at least one of the events is an external event from a document management 
system. 

6. (Previously Presented) The document security system as recited in claim 
1, wherein one or more of the corresponding one or more access restrictions for access to 
the secured document remain intact when the state of the process-driven security policy 
for the secured document changes. 

7. (Previously Presented) The document security system as recited in claim 
1, wherein events cause the state of the process-driven security policy to automatically 
transition from one state to another, wherein the process-driven security policy includes 
at least a first state, a second state, and a third state, and wherein a first event causes
transition from the first state to the second state, and a second event causes transition
from the second state to a third state.

8. (Previously Presented) The document security system as recited in claim 
1, wherein events cause the state of the process-driven security policy to automatically
transition from one state to another, wherein the process-driven security policy includes 
at least a first state and a second state, and wherein a first event causes transition from 
the first state to the second state. 

9. (Currently amended) The document security system as recited in claim 1, 
wherein the transition rules are based on external events originate from a second 
document security system.

10. (Previously Presented) The document security system as recited in claim 
9, wherein the transition rules are written in XML.

11. (Currently amended) The document security system as recited in claim 1,
wherein events cause the state of the process-driven security policy for the secured
document to transition from a previous state to a current state, and wherein the secured
document is modified [[if]] in response to detecting a transition from the previous state
of the process-driven security policy for the secured document transitions from the
previous state to the current state.

12. (Currently amended) The document security system as recited in claim
11, wherein the secured document includes at least a security information portion and an
encrypted data portion, the security information portion including at least an encrypted
key, and the key being encrypted is decrypted in order to decrypt the encrypted data
portion, and wherein [[if]] in response to detecting a transition from the previous state of
the process-driven security policy for the secured document transitions from the previous
state to the current state, the secured document is modified by decrypting the encrypted
key and then re-encrypting the key, whereby the key is encrypted differently for the
current state than the previous state.

13. (Currently amended) The document security system as recited in claim
11, wherein, in response to determining, by the access manager, that access to a secured
document is permitted by a requestor when permitted, access to the secured document is
available at a client machine associated with the requestor.

14. (Currently amended) A method for transitioning at least one secured 
document through a security-policy state machine having a plurality of different states, 
each of the plurality of different states having distinct access restrictions for secured 
documents which reside in that state, the method comprising:

receiving an event, wherein the event is one of a group of internal and
external events;

determining whether the event causes a state transition for the at least one
secured document from a former state to a subsequent different state of the
security-policy state machine; and

automatically transitioning from the former state to the subsequent
different state of the security-policy state machine if the in response to
determining determines that the event causes the state transition.

15. (Previously Presented) The method as recited in claim 14, wherein the 
security-policy state machine implements a process-driven security policy, and wherein 
each state of the security-policy state machine has different access restrictions. 

16. (Previously Presented) The method as recited in claim 14, wherein each 
of the states of the security-policy state machine have different access policies. 

17. (Previously Presented) The method as recited in claim 16, wherein the 
security-policy state machine is provided as part of a document security system, and
wherein the different access policies of the security-policy state machine are enforced by 
the document security system. 

18. (Previously Presented) The method as recited in claim 14, wherein the 
transitioning comprises modifying the secured document to reflect the subsequent state 
of the security-policy state machine. 

19. (Currently amended) The method as recited in claim 14, wherein the 
transitioning further comprises: 

retrieving an encrypted file key from the secured document; 

decrypting, if permitted by the former state of the security policy state
machine, the encrypted file key to yield a file key;

subsequently encrypting the file key in accordance with the subsequent 
state of the security-policy state machine; and 

storing the secured document, the secured document including at least an 
encrypted data portion and the subsequently encrypted file key. 



20. (Previously Presented) The method as recited in claim 14, wherein the 
transitioning further comprises: 

retrieving an encrypted file key from the secured document; 

obtaining a private state key associated with the former state of the 
security-policy state machine; 

decrypting the encrypted file key using the private file key; 

obtaining a public state key associated with the subsequent state of the 
security-policy state machine; 

subsequently encrypting the file key in accordance with the public state 
key; and 

storing the secured document, the secured document including at least an 
encrypted data portion and the subsequently encrypted file key. 



21. (Currently amended) A method for imposing access restrictions on 
electronic documents, the method comprising: 

providing at least one process-driven security policy at a server computer, 
wherein the process-driven security policy is associated with a plurality of 
different states, and wherein each of the different states has distinct access
restrictions for secured documents which reside in that state;

providing a reference to the process-driven security policy to at a client 
computer, the reference referring to the process-driven security policy resident on 
the server computer; 

associating the reference to an electronic document; 

transitioning the process-driven security policy from one state to a current 
state in response to the occurrence of an event, wherein the event is one of a 
group of internal and external events; and

subsequently determining at the server computer whether a requestor is 
permitted to access the electronic document, the access being based on a current 
state of the process-driven security policy, the current state being informed to the 
server computer by sending the reference to the server computer. 

22. (Currently amended) The method as recited in claim 21, wherein the 
transitioning is automatically performed based on external events are external to the
server computer and the client computer.

23. (Previously Presented) The method as recited in claim 22, wherein the 
transitioning is performed at the server computer. 

24. (Previously Presented) The method as recited in claim 21, wherein the 
associating associates the reference to a group of documents. 

25. (Previously Presented) The method as recited in claim 21, wherein the
method pertains to a group of electronic documents, and wherein all of the electronic 
documents of the group are always in the same state of the process-driven security 
policy. 

26. (Previously Presented) The method as recited in claim 21, wherein the 
determining comprises evaluating the process-driven security policy of an electronic 
document at the server computer based on at least the security policy restrictions for the 
current state of the process-driven security policy for the electronic document. 

27. (Currently amended) A computer readable storage medium having 
instructions stored thereon, computer program code that, if executed by a processor, 
causes the instructions processor to perform a method comprising: 

instructions to detect detecting an occurrence of an event, wherein the
event is one of a group of internal and external events;

instructions to determine determining whether the event causes a state
transition for at least one secured document from a former state to a subsequent
different state of a security-policy state machine having a plurality of different
states, each of the plurality of different states having distinct access restrictions
for secured documents which reside in that state; and

instructions to automatically transition transitioning from the former state 
to the subsequent different state of the security-policy state machine upon 
determining that the event causes the state transition. 

28. (Currently amended) A computer readable storage medium having
instructions stored thereon, computer program code that, if executed by a processor,
causes the instructions processor to perform a method comprising:

instructions to provide providing at least one process-driven security
policy at a server machine, wherein the process-driven security policy has a
plurality of different states and transition rules associated therewith, and wherein
each of the different states has distinct access restrictions for secured documents
which reside in that state, and wherein the transition rules specify circumstances
under which an electronic document is to transition from one state to another, and
wherein the circumstances include the occurrence of internal and external events;

instructions to provide providing a reference to the process-driven
security policy at a client machine, wherein the reference refers to the
process-driven security policy resident on the server machine;

instructions to associate associating the reference to an electronic 
document; 

instructions to transform transforming the process-driven security policy 
from one state to a current state; and 

instructions to determine determining at the server computer whether a 
requestor is permitted to access the electronic document, wherein the access is 
based on a current state of the process-driven security policy, and wherein the 
current state is informed to the server computer by sending the reference to the 
server computer. 
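
The state machine recited in claims 1 and 14 and the file-key re-encryption of claims 19 and 20, sketched as an added example that is not part of the application or its claims. The state names, reader groups, event names and the symmetric HMAC-based key wrap (standing in for the public/private state keys of claim 20) are assumptions made for illustration.

```python
import hashlib, hmac, os

# Constructed policy: state -> (groups allowed to read, state key). Symmetric
# state keys stand in for the public/private state key pairs of claim 20.
STATES = {
    "draft":    {"readers": {"authors"}, "key": os.urandom(32)},
    "review":   {"readers": {"authors", "reviewers"}, "key": os.urandom(32)},
    "released": {"readers": {"authors", "reviewers", "staff"}, "key": os.urandom(32)},
}
# Transition rules: (current state, event source, event name) -> next state.
RULES = {
    ("draft", "internal", "submitted"): "review",
    ("review", "external", "dms_approved"): "released",
}

def wrap(state_key, file_key):
    """Toy wrap of a 32-byte file key: HMAC-SHA256 pad XOR key, plus a tag."""
    nonce = os.urandom(16)
    pad = hmac.new(state_key, b"pad" + nonce, hashlib.sha256).digest()
    body = bytes(a ^ b for a, b in zip(file_key, pad))
    tag = hmac.new(state_key, b"tag" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def unwrap(state_key, blob):
    nonce, body, tag = blob[:16], blob[16:48], blob[48:]
    want = hmac.new(state_key, b"tag" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrapped key does not belong to this state")
    pad = hmac.new(state_key, b"pad" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(body, pad))

def handle_event(doc, source, name):
    """Apply a transition rule, if any, and re-wrap the file key (claim 19)."""
    nxt = RULES.get((doc["state"], source, name))
    if nxt is None:
        return False                      # event causes no state transition
    file_key = unwrap(STATES[doc["state"]]["key"], doc["wrapped_key"])
    doc["wrapped_key"] = wrap(STATES[nxt]["key"], file_key)
    doc["state"] = nxt
    return True

def request_key(doc, group):
    """Access manager: decide on the state at request time, then unwrap."""
    state = STATES[doc["state"]]
    if group not in state["readers"]:
        raise PermissionError(f"{group} may not read in state {doc['state']}")
    return unwrap(state["key"], doc["wrapped_key"])
```

The encrypted data portion is never touched on a transition; only the wrapped file key changes, so a key wrapped for a former state no longer opens under the current state's key.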